3 * Implements Special:Userlogout
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
21 * @ingroup SpecialPage
25 * Implements Special:Userlogout
27 * @ingroup SpecialPage
29 class SpecialUserLogout
extends UnlistedSpecialPage
{
30 function __construct() {
31 parent
::__construct( 'Userlogout' );
34 public function doesWrites() {
38 function execute( $par ) {
40 * Some satellite ISPs use broken precaching schemes that log people out straight after
41 * they're logged in (T19790). Luckily, there's a way to detect such requests.
43 if ( isset( $_SERVER['REQUEST_URI'] ) && strpos( $_SERVER['REQUEST_URI'], '&' ) !== false ) {
44 wfDebug( "Special:UserLogout request {$_SERVER['REQUEST_URI']} looks suspicious, denying.\n" );
45 throw new HttpError( 400, $this->msg( 'suspicious-userlogout' ), $this->msg( 'loginerror' ) );
49 $this->outputHeader();
51 $out = $this->getOutput();
52 $user = $this->getUser();
53 $request = $this->getRequest();
55 $logoutToken = $request->getVal( 'logoutToken' );
57 'logoutToken' => $user->getEditToken( 'logoutToken', $request )
58 ] +
$request->getValues();
59 unset( $urlParams['title'] );
60 $continueLink = $this->getFullTitle()->getFullUrl( $urlParams );
62 if ( $logoutToken === null ) {
63 $this->getOutput()->addWikiMsg( 'userlogout-continue', $continueLink );
66 if ( !$this->getUser()->matchEditToken(
67 $logoutToken, 'logoutToken', $this->getRequest(), 24 * 60 * 60
69 $this->getOutput()->addWikiMsg( 'userlogout-sessionerror', $continueLink );
73 // Make sure it's possible to log out
74 $session = MediaWiki\Session\SessionManager
::getGlobalSession();
75 if ( !$session->canSetUser() ) {
76 throw new ErrorPageError(
77 'cannotlogoutnow-title',
78 'cannotlogoutnow-text',
80 $session->getProvider()->describe( RequestContext
::getMain()->getLanguage() )
85 $user = $this->getUser();
86 $oldName = $user->getName();
90 $loginURL = SpecialPage
::getTitleFor( 'Userlogin' )->getFullURL(
91 $this->getRequest()->getValues( 'returnto', 'returntoquery' ) );
93 $out = $this->getOutput();
94 $out->addWikiMsg( 'logouttext', $loginURL );
98 Hooks
::run( 'UserLogoutComplete', [ &$user, &$injected_html, $oldName ] );
99 $out->addHTML( $injected_html );
101 $out->returnToMain();
104 protected function getGroupName() {